Results 11  20
of
67
Measuring and synthesizing systems in probabilistic environments
 CoRR
"... Abstract. Often one has a preference order among the different systems that satisfy a given specification. Under a probabilistic assumption about the possible inputs, such a preference order is naturally expressed by a weighted automaton, which assigns to each word a value, such that a system is pre ..."
Abstract

Cited by 22 (11 self)
 Add to MetaCart
(Show Context)
Abstract. Often one has a preference order among the different systems that satisfy a given specification. Under a probabilistic assumption about the possible inputs, such a preference order is naturally expressed by a weighted automaton, which assigns to each word a value, such that a system is preferred if it generates a higher expected value. We solve the following optimalsynthesis problem: given an omegaregular specification, a Markov chain that describes the distribution of inputs, and a weighted automaton that measures how well a system satisfies the given specification under the given input assumption, synthesize a system that optimizes the measured value. For safety specifications and measures that are defined by meanpayoff automata, the optimalsynthesis problem amounts to finding a strategy in a Markov decision process (MDP) that is optimal for a longrun average reward objective, which can be done in polynomial time. For general omegaregular specifications, the solution rests on a new, polynomialtime algorithm for computing optimal strategies in MDPs with meanpayoff parity objectives. We present some experimental results showing optimal systems that were automatically generated in this way. 1
Breaking up is hard to do: An evaluation of automated assumeguarantee reasoning
 ACM Transactions on Software Engineering and Methodology
, 2008
"... Finitestate verification techniques are often hampered by the stateexplosion problem. One proposed approach for addressing this problem is assumeguarantee reasoning, where a system under analysis is partitioned into subsystems and these subsystems are analyzed individually. By composing the resul ..."
Abstract

Cited by 22 (0 self)
 Add to MetaCart
Finitestate verification techniques are often hampered by the stateexplosion problem. One proposed approach for addressing this problem is assumeguarantee reasoning, where a system under analysis is partitioned into subsystems and these subsystems are analyzed individually. By composing the results of these analyses, it can be determined whether or not the system satisfies a property. Because each subsystem is smaller than the whole system, analyzing each subsystem individually may reduce the overall cost of verification. Often the behavior of a subsystem is dependent on the subsystems with which it interacts, and thus it is usually necessary to provide assumptions about the environment in which a subsystem executes. Because developing assumptions has been a difficult manual task, the evaluation of assumeguarantee reasoning has been limited. Using recent advances for automatically generating assumptions, we undertook a study to determine if assumeguarantee reasoning provides an advantage over monolithic verification. In this study, we considered all twoway decompositions for a set of systems and properties, using two different verifiers, FLAVERS and LTSA. By increasing the number of repeated tasks in these systems, we evaluated the decompositions as they were scaled. We found that in only a few cases can assumeguarantee reasoning verify properties on larger systems than monolithic verification can, and in these cases the systems that can be analyzed are only a few sizes larger. Although these results are discouraging, they provide insight about research directions that should be pursued and highlight the importance of experimental
Breaking Up is Hard to Do: An Investigation of Decomposition for AssumeGuarantee Reasoning
, 2004
"... Finitestate verification techniques, such as model checking, are often hampered by the state explosion problem, where the number of reachable states to be explored is exponential in the number of concurrent processes in a system. One proposed approach for addressing this problem is assumeguarantee ..."
Abstract

Cited by 18 (3 self)
 Add to MetaCart
(Show Context)
Finitestate verification techniques, such as model checking, are often hampered by the state explosion problem, where the number of reachable states to be explored is exponential in the number of concurrent processes in a system. One proposed approach for addressing this problem is assumeguarantee reasoning in which a system is decomposed into subsystems and, after appropriate assumptions are selected about the behavior of these subsystems, the verification of the original system is accomplished via the verification of these smaller subsystems. Recent advances in assumeguarantee reasoning allow the assumptions to be automatically generated. An outstanding problem, however, is how to find good decompositions. To explore this problem, we undertook a study that considered all twoway decompositions for a set of systems and properties. By increasing the number of repeated tasks for a system, we evaluated the decompositions as the systems were scaled to larger sizes. Our results show that, in most cases, we were able to find a decomposition that led to memory savings at the cost of additional time. Surprisingly, our use of assumeguarantee reasoning did not usually produce a large enough savings in memory to allow us to verify a larger configuration than monolithic verification. This negative result casts doubt on the usefulness of assumeguarantee reasoning as an effective compositional approach for increasing the size of systems that can be analyzed by finitestate verification.
Actively learning to verify safety for FIFO automata
 In LNCS 3328, Proc. of FSTTCS’04
, 2004
"... We apply machine learning techniques to verify safety properties of finite state machines which communicate over unbounded FIFO channels. Instead of attempting to iteratively compute the reachable states, we use Angluin's L* algorithm to learn these states. The learnt set of reachable states ..."
Abstract

Cited by 15 (4 self)
 Add to MetaCart
We apply machine learning techniques to verify safety properties of finite state machines which communicate over unbounded FIFO channels. Instead of attempting to iteratively compute the reachable states, we use Angluin's L* algorithm to learn these states. The learnt set of reachable states is then used either to prove that the system is safe, or to produce a valid execution of the system that leads to an unsafe state (i.e. to produce a counterexample). Specifically, we assume that we are given a model of the system and we provide a novel procedure which answers both membership and equivalence queries for a representation of the reachable states. We define a new encoding scheme for representing reachable states and their witness execution; this enables the learning algorithm to analyze a larger class of FIFO systems automatically than a naive encoding would allow.
Guided gui testing of android apps with minimal restart and approximate learning
 In Proceedings of the 2013 ACM SIGPLAN International Conference on Object Oriented Programming Systems Languages; Applications, OOPSLA ’13
, 2013
"... Smartphones and tablets with rich graphical user interfaces (GUI) are becoming increasingly popular. Hundreds of thousands of specialized applications, called apps, are available for such mobile platforms. Manual testing is the most popular technique for testing graphical user interfaces of such a ..."
Abstract

Cited by 14 (2 self)
 Add to MetaCart
(Show Context)
Smartphones and tablets with rich graphical user interfaces (GUI) are becoming increasingly popular. Hundreds of thousands of specialized applications, called apps, are available for such mobile platforms. Manual testing is the most popular technique for testing graphical user interfaces of such apps. Manual testing is often tedious and errorprone. In this paper, we propose an automated technique, called SwiftHand, for generating sequences of test inputs for Android apps. The technique uses machine learning to learn a model of the app during testing, uses the learned model to generate user inputs that visit unexplored states of the app, and uses the execution of the app on the generated inputs to refine the model. A key feature of the testing algorithm is that it avoids restarting the app, which is a significantly more expensive operation than executing the app on a sequence of inputs. An important insight behind our testing algorithm is that we do not need to learn a precise model of an app, which is often computationally intensive, if our goal is to simply guide test execution into unexplored parts of the state space. We have implemented our testing algorithm in a publicly available tool for Android apps written in Java. Our experimental results show that we can achieve significantly better coverage than traditional random testing and L∗based testing in a given time budget. Our algorithm also reaches peak coverage faster than both random and L∗based testing.
Integration testing of components guided by incremental state machine learning
 In TAIC PART
, 2006
"... The design of complex systems, e.g., telecom services, is nowadays usually based on the integration of components (COTS), loosely coupled in distributed architectures. When components come from third party sources, their internal structure is usually unknown and the documentation is insufficient. Th ..."
Abstract

Cited by 14 (8 self)
 Add to MetaCart
(Show Context)
The design of complex systems, e.g., telecom services, is nowadays usually based on the integration of components (COTS), loosely coupled in distributed architectures. When components come from third party sources, their internal structure is usually unknown and the documentation is insufficient. Therefore, the system integrator faces the problem of providing a required system assembling COTS whose behaviour is barely specified and for which no model is usually available. In this paper, we address the problem of integration testing of COTS. It combines test generation techniques with machine learning algorithms. Statebased models of components are built from observed behaviours. The models are alternatively used to generate tests and extended to take into account observed behaviour. This process is iterated until a satisfactory level of confidence in testing is achieved. 1.
Insights to Angluin's Learning
 In International Workshop on Software Verification and Validation (SVV
, 2003
"... Among other domains, learning finitestate machines is important for obtaining a model of a system under development, so that powerful formal methods such as model checking can be applied. ..."
Abstract

Cited by 13 (3 self)
 Add to MetaCart
(Show Context)
Among other domains, learning finitestate machines is important for obtaining a model of a system under development, so that powerful formal methods such as model checking can be applied.
Learning to Verify Safety Properties
 In LNCS 3308, Proc. of ICFEM’04
, 2004
"... We present a novel approach for verifying safety properties of finite state machines communicating over unbounded FIFO channels that is based on applying machine learning techniques. We assume that we are given a model of the system and learn the set of reachable states from a sample set of exec ..."
Abstract

Cited by 12 (4 self)
 Add to MetaCart
(Show Context)
We present a novel approach for verifying safety properties of finite state machines communicating over unbounded FIFO channels that is based on applying machine learning techniques. We assume that we are given a model of the system and learn the set of reachable states from a sample set of executions of the system, instead of attempting to iteratively compute the reachable states. The learnt set of reachable states is then used to either prove that the system is safe or to produce a valid execution of the system leading to an unsafe state (i.e. a counterexample). We have implemented this method for verifying FIFO automata in a tool called Lever that uses a regular language learning algorithm called RPNI. We apply our tool to a few case studies and report our experience with this method. We also demonstrate how this method can be generalized and applied to the verification of other infinite state systems.
Relentful Strategic Reasoning in AlternatingTime Temporal Logic
, 2012
"... Temporal logics are a well investigated formalism for the specification, verification, and synthesis of reactive systems. Within this family, AlternatingTime Temporal Logic (ATL ∗ , for short) has been introduced as a useful generalization of classical linear and branchingtime temporal logics, by ..."
Abstract

Cited by 12 (6 self)
 Add to MetaCart
(Show Context)
Temporal logics are a well investigated formalism for the specification, verification, and synthesis of reactive systems. Within this family, AlternatingTime Temporal Logic (ATL ∗ , for short) has been introduced as a useful generalization of classical linear and branchingtime temporal logics, by allowing temporal operators to be indexed by coalitions of agents. Classically, temporal logics are memoryless: once a path in the computation tree is quantified at a given node, the computation that has led to that node is forgotten. Recently, mCTL ∗ has been defined as a memoryful variant of CTL ∗ , where path quantification is memoryful. In the context of multiagent planning, memoryful quantification enables agents to “relent ” and change their goals and strategies depending on their history. In this paper, we define mATL ∗ , a memoryful extension of ATL ∗ , in which a formula is satisfied at a certain node of a path by taking into account both the future and the past. We study the expressive power of mATL ∗, its succinctness, as well as related decision problems. We also investigate the relationship between memoryful quantification and past modalities and show their equivalence. We show that both the memoryful and the past extensions come without any computational price; indeed, we prove that both the satisfiability and the modelchecking problems are 2EXPTIMECOMPLETE, as they are for ATL ∗.
Incremental LearningBased Testing for Reactive Systems
"... Abstract. We show how the paradigm of learningbased testing (LBT) can be applied to automate specificationbased blackbox testing of reactive systems. Since reactive systems can be modeled as Kripke structures, we introduce an efficient incremental learning algorithm IKL for such structures. We sh ..."
Abstract

Cited by 11 (4 self)
 Add to MetaCart
(Show Context)
Abstract. We show how the paradigm of learningbased testing (LBT) can be applied to automate specificationbased blackbox testing of reactive systems. Since reactive systems can be modeled as Kripke structures, we introduce an efficient incremental learning algorithm IKL for such structures. We show how an implementation of this algorithm combined with an efficient model checker such as NuSMV yields an effective learningbased testing architecture for automated test case generation (ATCG), execution and evaluation, starting from temporal logic requirements. 1